diff options
author | Lennart Poettering <lennart@poettering.net> | 2015-01-07 19:29:14 +0100 |
---|---|---|
committer | Lennart Poettering <lennart@poettering.net> | 2015-01-07 19:32:42 +0100 |
commit | 210a68826fac0f6525719cc6044c7858c655986a (patch) | |
tree | cac499e52ecfe455f1c83561ff2e94647cbc6bd7 | |
parent | b80c66ba9836456de5260e4a1b696ba25561f613 (diff) |
sd-bus: always catch name requests for the special names "org.freedesktop.DBus" and "org.freedesktop.DBus.Local" and refuse them
-rw-r--r-- | src/bus-proxyd/bus-proxyd.c | 4 | ||||
-rw-r--r-- | src/libsystemd/sd-bus/bus-control.c | 14 |
2 files changed, 14 insertions, 4 deletions
diff --git a/src/bus-proxyd/bus-proxyd.c b/src/bus-proxyd/bus-proxyd.c index fc70cce940..a7818f5462 100644 --- a/src/bus-proxyd/bus-proxyd.c +++ b/src/bus-proxyd/bus-proxyd.c @@ -829,10 +829,6 @@ static int process_driver(sd_bus *a, sd_bus *b, sd_bus_message *m, Policy *polic if (r < 0) return synthetic_reply_method_errno(m, r, NULL); - if (streq(name, "org.freedesktop.DBus")) - return synthetic_reply_method_error(m, &SD_BUS_ERROR_MAKE_CONST(SD_BUS_ERROR_INVALID_ARGS, - "Connection is not allowed to own the org.freedesktop.DBus service.")); - if (policy && !policy_check_own(policy, ucred->uid, ucred->gid, name)) return synthetic_reply_method_errno(m, -EPERM, NULL); diff --git a/src/libsystemd/sd-bus/bus-control.c b/src/libsystemd/sd-bus/bus-control.c index b2394db3eb..2db1afb86d 100644 --- a/src/libsystemd/sd-bus/bus-control.c +++ b/src/libsystemd/sd-bus/bus-control.c @@ -137,6 +137,10 @@ _public_ int sd_bus_request_name(sd_bus *bus, const char *name, uint64_t flags) assert_return(service_name_is_valid(name), -EINVAL); assert_return(name[0] != ':', -EINVAL); + /* Don't allow requesting the special driver and local names */ + if (STR_IN_SET(name, "org.freedesktop.DBus", "org.freedesktop.DBus.Local")) + return -EINVAL; + if (!BUS_IS_OPEN(bus->state)) return -ENOTCONN; @@ -215,6 +219,10 @@ _public_ int sd_bus_release_name(sd_bus *bus, const char *name) { assert_return(service_name_is_valid(name), -EINVAL); assert_return(name[0] != ':', -EINVAL); + /* Don't allow requesting the special driver and local names */ + if (STR_IN_SET(name, "org.freedesktop.DBus", "org.freedesktop.DBus.Local")) + return -EINVAL; + if (!BUS_IS_OPEN(bus->state)) return -ENOTCONN; @@ -614,6 +622,9 @@ int bus_get_name_creds_kdbus( uint64_t id; int r; + if (streq(name, "org.freedesktop.DBus")) + return -ENOTSUP; + r = bus_kernel_parse_unique_name(name, &id); if (r < 0) return r; @@ -871,6 +882,9 @@ _public_ int sd_bus_get_name_creds( assert_return(service_name_is_valid(name), -EINVAL); assert_return(bus->bus_client, -ENODATA); + if (streq(name, "org.freedesktop.DBus.Local")) + return -EINVAL; + if (!BUS_IS_OPEN(bus->state)) return -ENOTCONN; |